In today's computing environment, various components of a system (e.g., hardware and/or software) may handle sensitive data for authentication and/or other purposes. In this respect, the system components may store the sensitive data either temporarily or for some period of time. For example, a system component may handle and/or store a variety of sensitive data that indicates sensitive information, such as personal identification information, financial information, and/or other sensitive information for authentication and/or other purposes. However, the storage of sensitive data for any period of time may not be desirable. Further, the storage of sensitive data may even be prohibited by one or more regulations. For example, the Payment Card Industry (PCI) Data Security Standard (DSS) regulates the storage of PCI data, and the DSS includes requirements for protecting cardholder data that limit and/or prohibit the storage of PCI data (e.g., magnetic strip data, verifications codes, etc). See PCI DSS Version 1.1, found at https://www.pcisecuritystandards.org/tech/download_the_pci_dss.htm.
In some cases, a user and/or owner of the system component may not even be aware that the system component is storing sensitive information. For example, a business using a payment card reader may not be aware that payment card data is being stored on the business's local system. As such, it would be desirable to have a scanner that functions to scan system components for sensitive data. Further, it would be desirable to have a scanner that performs various functions in response to identifying sensitive data on a system component, such as alerting the user and/or owner of the system component or modifying the sensitive data.